Releases: sentient-agi/Sentient-Enclaves-Framework

v0.8.2 - New version of Enclaves Framework, which includes NATS Server as enclave's service bus (internal and external) and integration of RA Web-Server and FS-Monitor.

21 Aug 02:49
v0.8.2
40792fb

New version of the Enclaves Framework, which includes a NATS Server as the enclave's service bus for integrating services inside the enclave (and outside the enclave, via the enclave's network proxy and external NATS servers, with support for NATS clustering for cross-enclave integration). For now it mainly integrates the RA Web-Server and FS-Monitor.

It also includes NATS KV JetStream buckets (and NATS JetStream object storage/buckets) as a persistence layer for services, currently the RA Web-Server and FS-Monitor.

FS-Monitor acts as a CoW FS metadata layer (the missing part of the enclave's ramdisk FS) and as a data provider for the RA Web-Server, which generates customized attestation documents per file, in a granular way, to attest every corner of the enclave's initramfs/ramdisk at run time and to cover any run-time FS changes with the enclave's attestation.

What's Changed

  • Introduction of NATS Server as enclave's service bus
  • Integration of services inside enclave and outside of enclave (cross-enclave integration) in a SOA manner (or in an actor based model)
  • Integration of RA Web-Server and FS-Monitor, as a CoW FS metadata layer data provider for RA Web-Server
  • NATS KV JetStream buckets (and NATS JetStream object storage/buckets) as a persistence layer for services in the enclave
  • Customized attestation documents per file in a granular way, to cover whole enclave's initramfs/ramdisk for any run-time FS changes with enclave's attestation

Full Changelog: v0.8.1...v0.8.2

v0.8.1 - Persistent storage layer for Attestation Web Server (`ra-web-srv`) and integration with enclave's service bus (based on NATS) and FS Monitor as FS metadata layer provider.

14 Jul 06:41
v0.8.1
b448afa

Integrated persistent storage (a NATS KV bucket) into the attestation document generation pipeline (through the `make_attestation_docs` function), respecting the application configuration. Attestation documents are now generated from the Walker and Watcher tasks, which walk through the KV bucket and watch it for changes, consuming data provided by FS Monitor as the FS CoW metadata layer provider (hashes, for FS integrity control). Modified the Producer task for generating attestation docs. Established a clean chain of responsibility through the NATS Orchestrator task.

What's Changed

  • Persistent layer and integration with enclave's service bus (based on NATS) by @andrcmdr in #6

Full Changelog: v0.8.0...v0.8.1

v0.8.0 - Enclave's File System Monitor.

24 Jun 22:53
v0.8.0
36acd69

Pre-release

v0.8.0 - Enclave's File System Monitor:

  • Implementation of FS-Monitor: the real-time inotify events monitoring server for tracking changes of files & directories in the enclave's ramdisk FS. It acts as a data provider for the attestation server and protocol, granularly tracking FS content via inotify kernel FS events and providing hashes for granular changes in the enclave's run-time ramdisk file system.

What's Changed:

  • Implementation of FS-Monitor: the real-time inotify events monitoring server for tracking changes of files & directories in enclave's ramdisk FS.

Full Changelog: v0.7.1...v0.8.0

v0.7.1 - Remote Attestation Web Server: Implementation of verifier endpoints (verificators) for next generation remote attestation web server

09 Jun 16:34
v0.7.1
232ea0c

v0.7.1 - Remote Attestation Web Server:

  • Implementation of verifier endpoints (verificators) for the next generation remote attestation web server. They verify hashes for files as run-time ramdisk FS CoW metadata, verify VRF proofs from a file+hash pair, verify the attestation document signature itself via the public key of the attestation document's certificate, and perform attestation document certificate validity checks by date range and against the CA bundle chain of root and intermediate certificates' public keys. They also perform exhaustive signature and date range validity checks for each certificate in the CA bundle chain (the root certificate and intermediate certificates).

What's Changed

  • Implementation of verifier endpoints (verificators) for next generation remote attestation web server,

Full Changelog: v0.7.0...v0.7.1

v0.7.0 - Next generation RA web server.

28 Apr 04:32
v0.7.0
fa96c92

Pre-release

  • Implementation of next generation remote attestation web server to run inside the enclave and provide remote web protocol for enclave's file system (per file) run-time attestation.

What's Changed

  • Implementation of multi-threaded hashing runtime for RA web-server. by @andrcmdr in #1
  • Next generation of RA web server by @andrcmdr in #2

Full Changelog: v0.6.2...v0.7.0

v0.6.2

27 Feb 04:58
v0.6.2
03e1802

Pre-release

v0.6.2 - Fix eif_build hash for git checkout as apps build dependency in rbuilds.sh, update Cargo.lock for nixpkgs of eif_build and eif_extract, all to fix OpenSSL UAF vulnerability.

v0.6.1

27 Feb 00:42
v0.6.1
e319b47

Pre-release

v0.6.1 - Fix bindgen dynamic bindings compilation issue. Document setting up bindgen on a system with LLVM, Clang and their dev libs. Fix rustls panic and OpenSSL UAF vulnerability.

v0.6.0

26 Feb 06:34
v0.6.0
9b0a7dc

Pre-release

0.6.0 - Set of reference applications, built with framework - inference server (will include Dobby model),
fine-tuning server (includes fine-tuning OML library), X agent (chat bot app).

v0.5.0

26 Feb 06:13
v0.5.0
2f30415

Pre-release

0.5.0 - Reverse proxies, transparent reverse proxies (including transparent port forwarding to vsock),
to support request forwarding into enclave's apps, for providing services (mostly web and other network protocols),
hosted inside enclave (in isolated memory region and isolated environment from host system).

v0.4.0

26 Feb 06:12
v0.4.0
5dbc5b2

Pre-release

0.4.0 - New updated reproducible builds system for Sentient Enclaves Framework for building customized enclave images (EIF).